bundler 2.5.0 → 2.5.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 96c3a9a5a42642d473042853b90ec2e07a4be74e6e1b5aba5bfdc3bcc0ed8776
-  data.tar.gz: 5ccfc33ca9f1b86f30d896fc89db5e556b1dab1ec84361b1f2aa9bb65ff39769
+  metadata.gz: 3c7f621c84657b3f3fd279d8a48af66bdbade71a8459089ef0ea88aeb0738963
+  data.tar.gz: a4d4671ac30378b6a175ac0293926de0378f3befd00f674920b1900921fcd3c3
 SHA512:
-  metadata.gz: f9822abc2d327f47a25c580b932e4cf3108ab8ecc41d8c206db8840c27779ec4943daa0a28c05e36503c1a04f5b3cb82f2b93a5f32538cf52e2a62c8fee5c11c
-  data.tar.gz: f6f4e921e4c606352f0b2d1e54b2674f999690dda1a8d932b3c78bb0f6561f4527e4bf88fbfadb1061bbeb097014225fae9609262f415d1c3e08d61581e7f387
+  metadata.gz: a7b9404efdc5425a84c5cb0352bdc1197ec1659a428f04533dca5572d1b253761f85df3b8837a583d98866e9f49c9edff057eda6804400b747edae9dfb8b24f3
+  data.tar.gz: 8893ef747d56291328bfec9bd51a58802d60b51f4077b999971fe76b169d00f636ad853bd0f7238b7c3770aa2e912462f7dc086189e792bb796c18891f07f4c2

data/CHANGELOG.md

@@ -1,3 +1,13 @@
+# 2.5.1 (December 15, 2023)
+
+## Bug fixes:
+
+  - Fix `ruby` Gemfile DSL with `file:` parameter no longer working [#7288](https://github.com/rubygems/rubygems/pull/7288)
+
+## Performance:
+
+  - Save array allocation for every dependency in Gemfile [#7270](https://github.com/rubygems/rubygems/pull/7270)
+
 # 2.5.0 (December 15, 2023)
 
 ## Breaking changes:

data/lib/bundler/build_metadata.rb

@@ -5,7 +5,7 @@ module Bundler
   module BuildMetadata
     # begin ivars
     @built_at = "2023-12-15".freeze
-    @git_commit_sha = "58fdbff35a".freeze
+    @git_commit_sha = "c944d05909".freeze
     @release = true
     # end ivars
 

data/lib/bundler/checksum.rb

@@ -30,6 +30,7 @@ module Bundler
 
       def from_api(digest, source_uri, algo = DEFAULT_ALGORITHM)
         return if Bundler.settings[:disable_checksum_validation]
+
         Checksum.new(algo, to_hexdigest(digest, algo), Source.new(:api, source_uri))
       end
 
@@ -41,11 +42,13 @@ module Bundler
       def to_hexdigest(digest, algo = DEFAULT_ALGORITHM)
         return digest unless algo == DEFAULT_ALGORITHM
         return digest if digest.match?(/\A[0-9a-f]{64}\z/i)
+
         if digest.match?(%r{\A[-0-9a-z_+/]{43}={0,2}\z}i)
           digest = digest.tr("-_", "+/") # fix urlsafe base64
-          return digest.unpack1("m0").unpack1("H*")
+          digest.unpack1("m0").unpack1("H*")
+        else
+          raise ArgumentError, "#{digest.inspect} is not a valid SHA256 hex or base64 digest"
         end
-        raise ArgumentError, "#{digest.inspect} is not a valid SHA256 hex or base64 digest"
       end
     end
 
@@ -63,6 +66,10 @@ module Bundler
 
     alias_method :eql?, :==
 
+    def same_source?(other)
+      sources.include?(other.sources.first)
+    end
+
     def match?(other)
       other.is_a?(self.class) && other.digest == digest && other.algo == algo
     end
@@ -81,6 +88,7 @@ module Bundler
 
     def merge!(other)
       return nil unless match?(other)
+
       @sources.concat(other.sources).uniq!
       self
     end
@@ -161,26 +169,17 @@ module Bundler
 
       def initialize
         @store = {}
-      end
-
-      def initialize_copy(other)
-        @store = {}
-        other.store.each do |lock_name, checksums|
-          store[lock_name] = checksums.dup
-        end
+        @store_mutex = Mutex.new
       end
 
       def inspect
         "#<#{self.class}:#{object_id} size=#{store.size}>"
       end
 
-      def fetch(spec, algo = DEFAULT_ALGORITHM)
-        store[spec.name_tuple.lock_name]&.fetch(algo, nil)
-      end
-
       # Replace when the new checksum is from the same source.
-      # The primary purpose of this registering checksums from gems where there are
+      # The primary purpose is registering checksums from gems where there are
       # duplicates of the same gem (according to full_name) in the index.
+      #
       # In particular, this is when 2 gems have two similar platforms, e.g.
       # "darwin20" and "darwin-20", both of which resolve to darwin-20.
       # In the Index, the later gem replaces the former, so we do that here.
@@ -192,19 +191,19 @@ module Bundler
         return unless checksum
 
         lock_name = spec.name_tuple.lock_name
-        checksums = (store[lock_name] ||= {})
-        existing = checksums[checksum.algo]
-
-        # we assume only one source because this is used while building the index
-        if !existing || existing.sources.first == checksum.sources.first
-          checksums[checksum.algo] = checksum
-        else
-          register_checksum(lock_name, checksum)
+        @store_mutex.synchronize do
+          existing = fetch_checksum(lock_name, checksum.algo)
+          if !existing || existing.same_source?(checksum)
+            store_checksum(lock_name, checksum)
+          else
+            merge_checksum(lock_name, checksum, existing)
+          end
         end
       end
 
       def register(spec, checksum)
         return unless checksum
+
         register_checksum(spec.name_tuple.lock_name, checksum)
       end
 
@@ -218,7 +217,8 @@ module Bundler
 
       def to_lock(spec)
         lock_name = spec.name_tuple.lock_name
-        if checksums = store[lock_name]
+        checksums = @store[lock_name]
+        if checksums
           "#{lock_name} #{checksums.values.map(&:to_lock).sort.join(",")}"
         else
           lock_name
@@ -228,18 +228,27 @@ module Bundler
       private
 
       def register_checksum(lock_name, checksum)
-        return unless checksum
-        checksums = (store[lock_name] ||= {})
-        existing = checksums[checksum.algo]
-
-        if !existing
-          checksums[checksum.algo] = checksum
-        elsif existing.merge!(checksum)
-          checksum
-        else
-          raise ChecksumMismatchError.new(lock_name, existing, checksum)
+        @store_mutex.synchronize do
+          existing = fetch_checksum(lock_name, checksum.algo)
+          if existing
+            merge_checksum(lock_name, checksum, existing)
+          else
+            store_checksum(lock_name, checksum)
+          end
         end
       end
+
+      def merge_checksum(lock_name, checksum, existing)
+        existing.merge!(checksum) || raise(ChecksumMismatchError.new(lock_name, existing, checksum))
+      end
+
+      def store_checksum(lock_name, checksum)
+        (@store[lock_name] ||= {})[checksum.algo] = checksum
+      end
+
+      def fetch_checksum(lock_name, algo)
+        @store[lock_name]&.fetch(algo, nil)
+      end
     end
   end
 end

data/lib/bundler/dsl.rb

@@ -20,7 +20,7 @@ module Bundler
 
     GITHUB_PULL_REQUEST_URL = %r{\Ahttps://github\.com/([A-Za-z0-9_\-\.]+/[A-Za-z0-9_\-\.]+)/pull/(\d+)\z}
 
-    attr_reader :gemspecs
+    attr_reader :gemspecs, :gemfile
     attr_accessor :dependencies
 
     def initialize
@@ -404,13 +404,11 @@ module Bundler
     end
 
     def validate_keys(command, opts, valid_keys)
-      invalid_keys = opts.keys - valid_keys
-
-      git_source = opts.keys & @git_sources.keys.map(&:to_s)
-      if opts["branch"] && !(opts["git"] || opts["github"] || git_source.any?)
+      if opts["branch"] && !(opts["git"] || opts["github"] || (opts.keys & @git_sources.keys.map(&:to_s)).any?)
         raise GemfileError, %(The `branch` option for `#{command}` is not allowed. Only gems with a git source can specify a branch)
       end
 
+      invalid_keys = opts.keys - valid_keys
       return true unless invalid_keys.any?
 
       message = String.new

data/lib/bundler/vendor/connection_pool/.document

@@ -0,0 +1 @@
+# Vendored files do not need to be documented

data/lib/bundler/vendor/fileutils/.document

@@ -0,0 +1 @@
+# Vendored files do not need to be documented

data/lib/bundler/vendor/net-http-persistent/.document

@@ -0,0 +1 @@
+# Vendored files do not need to be documented

data/lib/bundler/vendor/net-http-persistent/lib/net/http/persistent.rb

@@ -20,7 +20,7 @@ autoload :OpenSSL, 'openssl'
 #
 # Example:
 #
-#   require 'bundler/vendor/net-http/lib/net/http/persistent'
+#   require 'bundler/vendor/net-http-persistent/lib/net/http/persistent'
 #
 #   uri = Bundler::URI 'http://example.com/awesome/web/service'
 #

data/lib/bundler/vendor/pub_grub/.document

@@ -0,0 +1 @@
+# Vendored files do not need to be documented

data/lib/bundler/vendor/thor/.document

@@ -0,0 +1 @@
+# Vendored files do not need to be documented

data/lib/bundler/vendor/tsort/.document

@@ -0,0 +1 @@
+# Vendored files do not need to be documented

data/lib/bundler/vendor/uri/.document

@@ -0,0 +1 @@
+# Vendored files do not need to be documented

data/lib/bundler/version.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: false
 
 module Bundler
-  VERSION = "2.5.0".freeze
+  VERSION = "2.5.1".freeze
 
   def self.bundler_major_version
     @bundler_major_version ||= VERSION.split(".").first.to_i

data/lib/bundler.rb

@@ -100,9 +100,7 @@ module Bundler
     end
 
     def create_bundle_path
-      SharedHelpers.filesystem_access(bundle_path.to_s) do |p|
-        mkdir_p(p)
-      end unless bundle_path.exist?
+      mkdir_p(bundle_path) unless bundle_path.exist?
 
       @bundle_path = bundle_path.realpath
     rescue Errno::EEXIST
@@ -119,7 +117,7 @@ module Bundler
       @bin_path ||= begin
         path = settings[:bin] || "bin"
         path = Pathname.new(path).expand_path(root).expand_path
-        SharedHelpers.filesystem_access(path) {|p| FileUtils.mkdir_p(p) }
+        mkdir_p(path)
         path
       end
     end
@@ -483,7 +481,7 @@ module Bundler
       configured_bundle_path.use_system_gems?
     end
 
-    def mkdir_p(path, options = {})
+    def mkdir_p(path)
       SharedHelpers.filesystem_access(path, :write) do |p|
         FileUtils.mkdir_p(p)
       end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: bundler
 version: !ruby/object:Gem::Version
-  version: 2.5.0
+  version: 2.5.1
 platform: ruby
 authors:
 - André Arko
@@ -273,18 +273,22 @@ files:
 - lib/bundler/uri_credentials_filter.rb
 - lib/bundler/uri_normalizer.rb
 - lib/bundler/vendor/.document
+- lib/bundler/vendor/connection_pool/.document
 - lib/bundler/vendor/connection_pool/LICENSE
 - lib/bundler/vendor/connection_pool/lib/connection_pool.rb
 - lib/bundler/vendor/connection_pool/lib/connection_pool/timed_stack.rb
 - lib/bundler/vendor/connection_pool/lib/connection_pool/version.rb
 - lib/bundler/vendor/connection_pool/lib/connection_pool/wrapper.rb
+- lib/bundler/vendor/fileutils/.document
 - lib/bundler/vendor/fileutils/LICENSE.txt
 - lib/bundler/vendor/fileutils/lib/fileutils.rb
+- lib/bundler/vendor/net-http-persistent/.document
 - lib/bundler/vendor/net-http-persistent/README.rdoc
 - lib/bundler/vendor/net-http-persistent/lib/net/http/persistent.rb
 - lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/connection.rb
 - lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/pool.rb
 - lib/bundler/vendor/net-http-persistent/lib/net/http/persistent/timed_stack_multi.rb
+- lib/bundler/vendor/pub_grub/.document
 - lib/bundler/vendor/pub_grub/LICENSE.txt
 - lib/bundler/vendor/pub_grub/lib/pub_grub.rb
 - lib/bundler/vendor/pub_grub/lib/pub_grub/assignment.rb
@@ -302,6 +306,7 @@ files:
 - lib/bundler/vendor/pub_grub/lib/pub_grub/version_range.rb
 - lib/bundler/vendor/pub_grub/lib/pub_grub/version_solver.rb
 - lib/bundler/vendor/pub_grub/lib/pub_grub/version_union.rb
+- lib/bundler/vendor/thor/.document
 - lib/bundler/vendor/thor/LICENSE.md
 - lib/bundler/vendor/thor/lib/thor.rb
 - lib/bundler/vendor/thor/lib/thor/actions.rb
@@ -339,8 +344,10 @@ files:
 - lib/bundler/vendor/thor/lib/thor/shell/wrapped_printer.rb
 - lib/bundler/vendor/thor/lib/thor/util.rb
 - lib/bundler/vendor/thor/lib/thor/version.rb
+- lib/bundler/vendor/tsort/.document
 - lib/bundler/vendor/tsort/LICENSE.txt
 - lib/bundler/vendor/tsort/lib/tsort.rb
+- lib/bundler/vendor/uri/.document
 - lib/bundler/vendor/uri/LICENSE.txt
 - lib/bundler/vendor/uri/lib/uri.rb
 - lib/bundler/vendor/uri/lib/uri/common.rb
@@ -392,7 +399,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: 3.2.3
 requirements: []
-rubygems_version: 3.5.0
+rubygems_version: 3.5.1
 signing_key:
 specification_version: 4
 summary: The best way to manage your application's dependencies